Jump to content

itman

Most Valued Members
  • Content Count

    6,926
  • Joined

  • Last visited

  • Days Won

    183

itman last won the day on September 15

itman had the most liked content!

Profile Information

  • Gender
    Male
  • Location
    USA

Recent Profile Visitors

14,063 profile views
  1. Also and important, note that Cisco Meraki network perimeter security appliances for example have Web content filtering granularity to the level where specific Torrent traffic can be blocked. However, they footnote this capability with the following statement: https://documentation.meraki.com/zGeneral_Administration/Cross-Platform_Content/Blocking_P2P_And_File_Sharing
  2. -EDIT- Try what is shown in this Eset online help article first: https://help.eset.com/ees/7/en-US/how_block_file_dwnl.html. That is enter, *.*.torrent and */*.torrent in URL blocked address list. However, read this article: https://www.techworm.net/2020/04/download-torrent-site.html. By blocking .torrent downloads, you are only blocking the "seeding" file and not the actual downloaded files. Also note: -END EDIT- The only way to do this would be to block access to torrent web sites by domain name filtering via URL address management. Here's a list of approx. 30 of them and I am sure more exist: https://www.alltorrentsites.com/ . Note that to download torrent files, Torrent software must be installed. I really don't know why any commercial concern would allow users to install like software or any software for that matter: https://security.stackexchange.com/questions/122617/how-to-block-torrent-sites . If we are referring to BitTorrent, it's inbound traffic can be blocked by creating an Eset firewall to do so: https://imacify.com/2013/07/what-is-torrents-and-how-to-block-torrent-downloads/ although torrents can use any port. Or: https://security.stackexchange.com/questions/33983/what-are-the-tcp-udp-ports-used-by-torrent-applications The problem here I believe is the torrent client/s are initiating the download by performing an outbound connection. As such, the Eset firewall will allow that inbound traffic.
  3. Per Eset online help: https://help.eset.com/ees/7/en-US/idh_config_parental_rule_edit_dlg.html?idh_config_epfw_scan_http_address_list.html The problem here as I see it is torrent files are download outside of a browser. I believe URL management only controls access to files opened in a browser.
  4. Did you create an entry in the "List of blocked addresses" and place an "*" there? If so, all URLs will be blocked except those specified in the "List of allowed addresses." By default, the "List of blocked addresses" is empty. As such, nothing is blocked by Eset other than its real-time detections. If you only want to absolutely block 20 specific URLs, just add those to the "List of blocked addresses."
  5. One solution here is to create a firewall rule to allow all outbound traffic. Set its logging severity level to Warning. Move the rule to the bottom of the existing rule set. This will create a Network protection log entry for every outbound request the rule is triggered for. Create the rule just prior to shutting down the PC for the night. When you do a cold boot the next morning and the desktop appears and the system settles down, review the Network protection log for entries generated by the above rule. You can then create permanent firewall rules for the processes associated with these log entries as you see fit. Note that monitoring all Win 10 outbound system and Store network activity is pretty an effort in futility. System package and Store app directory and/or file names change with each app update.
  6. Refer to this Eset on-line help article: https://help.eset.com/eis/13/en-US/idh_config_alert.html . Disabling "Interactive alerts" however is not recommend since Eset will become completely silent in regards to the following:
  7. The default account in Win 10 is limited Admin. Appears you are running instead under a standard user account? This is why you are getting the UAC alerts. Note that Microsoft has removed the full hidden Admin account from Home and I beleive Pro versions some time ago. If you run as limited admin which BTW runs with standard user privileges and elevates to Admin status via UAC when required, this should eliminate these UAC alerts from Eset firewall in Interactive mode assuming UAC is set to default level. If UAC is set to max. level (recommended), the UAC alerts will continue.
  8. You can test with Brave using this URL, https://secure.eicar.org/eicar.com . Eset should detect it immediately.
  9. The Eset GUI last major revision was in ver. 9 when Eset changed the GUI to conform with Win Metro format. I believe that was in 2015 or so. I painfully remember this since all existing HIPS rules had to be manually reentered in ver. 9 since they weren't compatible with the Metro format. Also many including myself preferred the old Eset GUI since HIPS rules were much easier to manage in the old GUI interface.
  10. When this topic first came up in regards to FF using Win root CA cert. store and Eset no longer adding its root CA cert. to FF's Authorities cert. store, I purposely deleted Eset's cert. from FF's Authorities cert. store. I just rechecked FF's Authorities cert. store and the Eset root cert. is now there. So it does appear that Eset upon version update is still adding its root cert. to FF's Authorities cert. store on non-Enterprise FF versions. Also, FF preferences does show security.enterprise_roots.enabled", true, locked
  11. I assume your friend is also using AOL Gold desktop software which is a paid monthly subscription service? AOL shut down its free desktop software in 2017. AOL Gold features note: https://discover.aol.com/products-and-services/aol-desktop-for-windows As such, your friend should be informing AOL of this activity. Also perhaps dumping AOL Gold use altogether. AOL home page can be directly accesses in any browser via entering aol.com. AOL e-mail can be directly accessed in any browser via entering mail.aol.com.
  12. There was a thread where Brave had an issue with Eset anti-phishing protection: https://forum.eset.com/topic/19969-brave-browser-not-protected-by-anti-phishing/ Try setting the Eset action to Scan as @Marcos suggested and verify if Eset now detects the script.
  13. One possibility is Brave has built-in security features and is blocking the script from running prior to rendering the web page. No - by default, Brave allows all JavaScript's to run. Also it needs to be verified if Brave is using the Windows root CA certificate store or it is using its own root certificate store equivalent.
  14. https://www.comparitech.com/blog/vpn-privacy/remote-access-vpn/
  15. IP address 192.168.10.41 is a device on your local subnet. You refer to this reference as a web site?
×
×
  • Create New...